Windows 7 startet nicht mehr, auch kein Start im abgesicherten Modus, stop bei classpnp.sys, schwarzer Bildschim mit Maus. Oooops! Das mit dem Code posten habe ich erst jetzt gesehen - Keine Logs unaufgefordert als Anhang. Sorry!
:stirn:
Hier nochmal die Logfiles in der Codebox.
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2016
Ran by SYSTEM on MININT-U0HK4KL (22-07-2016 01:00:15)
Running from j:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
Default: ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows8FirewallControl] => C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe [1204224 2013-09-30] (Sphinx Software)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [394096 2013-05-30] (KORG Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-07-01] (AVAST Software)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe
HKU\Default\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Karen\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Karen\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Karen\...\Policies\system: [LogonHoursAction] 2
HKU\Karen\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Papa\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
HKU\Papa\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\Papa\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Papa\...\Policies\system: [LogonHoursAction] 2
HKU\Papa\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-04-27]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2011\mshaktuell.exe (No File)
GroupPolicyUsers\S-1-5-21-1702933505-973224923-256598594-1003\User: Restriction <======= ATTENTION
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-19] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-19] (Avast Software)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-03] (Electronic Arts)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [3806720 2013-09-30] (Sphinx Software)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-19] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-19] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-19] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-19] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-19] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-19] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-19] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-19] (AVAST Software)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH)
S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34136 2013-05-30] (KORG INC.)
S3 MackieUSB; C:\Windows\System32\DRIVERS\MackieUSB_x64.sys [245728 2012-05-30] ()
S3 MackieUSBks; C:\Windows\System32\DRIVERS\MackieUSBks_x64.sys [52192 2012-05-30] ()
S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-05-19] (AVAST Software)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-19] (Avast Software)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-01-20] (VIA Technologies, Inc.)
S3 VUSBSTOR; C:\Windows\System32\Drivers\vusbstor.sys [86064 2013-01-17] (VIA Technologies, Inc.)
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [297472 2014-01-20] (VIA Technologies, Inc.)
S3 Asushwio; \??\H:\Bin\64bit\Asushwio.sys [X]
S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X]
S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X]
S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X]
S3 lvpepf64; system32\DRIVERS\lv302a64.sys [X]
S3 LVUSBS64; system32\drivers\LVUSBS64.sys [X]
S3 PID_PEPI; system32\DRIVERS\LV302V64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Driver Fusion\DriverFusion.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-21 19:58 - 2016-07-21 19:58 - 00092124 _____ C:\OTL.Txt
2016-07-21 19:58 - 2016-07-21 19:58 - 00026740 _____ C:\Extras.Txt
2016-07-21 11:19 - 2016-07-21 11:19 - 00013128 ____N C:\bootsqm.dat
2016-07-20 20:42 - 2016-07-22 01:00 - 00000000 ____D C:\FRST
2016-07-18 05:09 - 2016-07-20 13:38 - 00000000 _____ C:\Windows\ntbtlog.txt
2016-07-17 22:46 - 2010-11-20 19:23 - 00383786 __RSH C:\bootmgr
2016-07-16 10:04 - 2016-07-16 10:05 - 00000000 ____D C:\Program Files (x86)\Arturia
2016-07-16 07:55 - 2016-07-16 08:22 - 00000000 ____D C:\ProgramData\Arturia
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-21 19:55 - 2013-05-20 13:13 - 00000000 ____D C:\users\Karen
2016-07-21 19:55 - 2013-05-17 15:55 - 00000000 ____D C:\users\Papa
2016-07-17 02:19 - 2009-07-13 20:45 - 00026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-17 02:19 - 2009-07-13 20:45 - 00026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-17 02:16 - 2013-05-17 16:39 - 00659008 _____ C:\Windows\System32\perfh007.dat
2016-07-17 02:16 - 2013-05-17 16:39 - 00134396 _____ C:\Windows\System32\perfc007.dat
2016-07-17 02:16 - 2009-07-13 21:13 - 01550736 _____ C:\Windows\System32\PerfStringBackup.INI
2016-07-17 02:16 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-07-17 02:12 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 17:00 - 2013-05-20 12:37 - 00000000 ____D C:\Users\Papa\AppData\Roaming\uTorrent
2016-07-16 16:57 - 2013-09-17 11:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-16 16:26 - 2013-11-06 13:13 - 00000000 ____D C:\Users\Papa\AppData\Roaming\vlc
2016-07-16 16:00 - 2013-05-20 11:17 - 00000000 ____D C:\Users\Papa\AppData\Local\Adobe
2016-07-16 10:04 - 2016-02-29 09:01 - 00000000 ____D C:\Program Files\Common Files\VST3
2016-07-16 10:04 - 2014-12-05 14:32 - 00000000 ____D C:\Program Files\VstPlugins
2016-07-16 10:03 - 2013-08-27 01:59 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-07-16 06:52 - 2015-12-12 15:29 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DDCB4373-BBC1-480E-A2A8-F0A4533301F9}
2016-07-15 01:13 - 2013-05-20 11:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-13 09:55 - 2015-01-09 05:33 - 00000000 ____D C:\Users\Karen\Documents\FIFA 14
2016-07-13 08:27 - 2015-01-04 02:01 - 00000000 ____D C:\ProgramData\Origin
2016-07-12 07:57 - 2013-09-17 11:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 07:57 - 2013-06-05 13:29 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-12 07:57 - 2013-06-05 13:29 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 07:57 - 2013-06-05 13:29 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 07:57 - 2013-06-05 13:29 - 00000000 ____D C:\Windows\System32\Macromed
2016-07-11 03:00 - 2016-04-30 10:48 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-10 01:33 - 2009-07-13 21:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-04 10:47 - 2015-11-29 15:39 - 00000000 ____D C:\Program Files (x86)\Driver Fusion
2016-07-03 00:27 - 2015-01-08 09:14 - 00000000 ____D C:\Program Files (x86)\Origin
Some files in TEMP:
====================
C:\Users\Papa\AppData\Local\Temp\readSTILog.dll
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
path \bootmgr
description Windows Boot Manager
locale de-DE
default {default}
displayorder {default}
timeout 30
Windows Boot Loader
-------------------
identifier {9707dd30-4f03-11e6-b569-84b38386ecf4}
device ramdisk=[C:]\Recovery\c2170446-bf9e-11e2-b976-ca7f691bd450\Winre.wim,{9707dd31-4f03-11e6-b569-84b38386ecf4}
path \windows\system32\winload.exe
description Windows Recovery Environment (recovered)
locale
osdevice ramdisk=[C:]\Recovery\c2170446-bf9e-11e2-b976-ca7f691bd450\Winre.wim,{9707dd31-4f03-11e6-b569-84b38386ecf4}
systemroot \windows
winpe Yes
Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate
locale de-DE
osdevice partition=C:
systemroot \Windows
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
Device options
--------------
identifier {9707dd31-4f03-11e6-b569-84b38386ecf4}
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\c2170446-bf9e-11e2-b976-ca7f691bd450\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 6%
Total physical RAM: 24574.61 MB
Available physical RAM: 23082.62 MB
Total Virtual: 24572.81 MB
Available Virtual: 23089.83 MB
==================== Drives ================================
Drive c: (Windows 7 SP1) (Fixed) (Total:119.14 GB) (Free:33.9 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Daten 2) (Fixed) (Total:1863.01 GB) (Free:1483.43 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (PNY_1GB) (Removable) (Total:0.93 GB) (Free:0.87 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Daten) (Fixed) (Total:298.09 GB) (Free:297.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4B674B66)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5CB78ED8)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 1A13162B)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 35C803C0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 955.5 MB) (Disk ID: 0185A692)
Partition 1: (Not Active) - (Size=955 MB) - (Type=07 NTFS)
LastRegBack: 2016-05-06 08:21
==================== End of FRST.txt ============================ --- --- ---
OTL Logfile: Code:
OTL logfile created on: 7/21/2016 11:56:58 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 33.91 Gb Free Space | 28.46% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1483.43 Gb Free Space | 79.63% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.59 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive F: | 500.00 Mb Total Space | 170.97 Mb Free Space | 34.19% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 72.07 Mb Free Space | 72.07% Space Free | Partition Type: NTFS
Drive H: | 111.30 Gb Total Space | 74.47 Gb Free Space | 66.91% Space Free | Partition Type: NTFS
Drive X: | 1.87 Gb Total Space | 1.38 Gb Free Space | 74.17% Space Free | Partition Type: NTFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2016/05/19 06:01:05 | 000,243,296 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2016/05/19 06:00:59 | 005,570,272 | ---- | M] (Avast Software) [On_Demand] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2013/09/30 13:54:32 | 003,806,720 | ---- | M] (Sphinx Software) [Auto] -- C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe -- (Windows8FirewallService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2016/07/12 11:57:09 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/07/03 04:27:16 | 002,122,248 | ---- | M] (Electronic Arts) [On_Demand] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2016/06/24 19:45:12 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/06/17 16:09:13 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/08 19:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/19 06:01:10 | 000,465,792 | ---- | M] (AVAST Software) [File_System | System] -- C:\Windows\system32\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2016/05/19 06:01:10 | 000,166,432 | ---- | M] (AVAST Software) [Kernel | Auto] -- C:\Windows\system32\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2016/05/19 06:01:10 | 000,107,792 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2016/05/19 06:01:10 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | Auto] -- C:\Windows\system32\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2016/05/19 06:01:09 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\system32\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2016/05/19 06:01:02 | 001,070,904 | ---- | M] (AVAST Software) [File_System | System] -- C:\Windows\system32\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2016/05/19 06:01:02 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\system32\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2016/05/19 06:00:59 | 000,323,392 | ---- | M] (Avast Software) [Kernel | Auto] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015/07/13 06:16:16 | 000,026,368 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand] -- C:\Windows\System32\drivers\rspLLL64.sys -- (rspLLL)
DRV:64bit: - [2014/07/02 17:29:29 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/01/20 05:19:56 | 000,225,792 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2014/01/20 05:19:52 | 000,297,472 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013/08/20 01:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2013/08/20 01:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2013/07/31 07:23:57 | 000,139,352 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2013/05/30 19:14:00 | 000,034,136 | ---- | M] (KORG INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\KORGUM64.SYS -- (KORGUMDS)
DRV:64bit: - [2013/01/17 22:11:54 | 000,086,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vusbstor.sys -- (VUSBSTOR)
DRV:64bit: - [2012/11/14 13:39:18 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/11/14 13:39:18 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/11/14 13:39:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/11/14 13:39:18 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/05/30 05:39:28 | 000,245,728 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\MackieUSB_x64.sys -- (MackieUSB)
DRV:64bit: - [2012/05/30 05:39:26 | 000,052,192 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\MackieUSBks_x64.sys -- (MackieUSBks)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/10/21 20:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2010/10/21 20:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009/08/13 17:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032e.sys -- (e1express) Intel(R)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV - [2013/07/31 07:23:57 | 000,139,352 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Karen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 F3 AD 04 62 53 CE 01 [binary data]
IE - HKU\Karen_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\Karen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Papa_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 F3 AD 04 62 53 CE 01 [binary data]
IE - HKU\Papa_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\Papa_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.startup.homepage: "https://www.ixquick.de/deu/"
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_22_0_0_209.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Users\Karen\AppData\Local\mpDRM\Binaries\NPMPDRM.dll ( )
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016/05/19 06:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/05/19 06:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/05/19 06:01:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016/04/30 14:49:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 47.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 47.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/05/24 16:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karen\AppData\Roaming\Mozilla\Extensions
[2016/05/08 15:27:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\5g9yripw.default\extensions
[2016/06/17 16:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5G9YRIPW.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
O1 HOSTS File: ([2016/06/04 07:08:32 | 000,000,958 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 opencandy.com
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [nwiz] File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (VIA Technologies, Inc.)
O4:64bit: - HKLM..\Run: [Windows8FirewallControl] C:\Program Files\Windows8FirewallControl\Windows8FirewallControl.exe (Sphinx Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVMWlanClient] File not found
O4 - HKLM..\Run: [KiesTrayAgent] File not found
O4 - HKLM..\Run: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe (KORG Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\Karen_ON_C..\Run: [] File not found
O4 - HKU\Karen_ON_C..\Run: [Sidebar] File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] File not found
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] File not found
O4 - HKU\Papa_ON_C..\Run: [CAHeadless] File not found
O4 - HKU\Papa_ON_C..\Run: [KiesAirMessage] File not found
O4 - HKU\Papa_ON_C..\Run: [KiesPreload] File not found
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\Karen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Karen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Karen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\Papa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Papa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Papa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.62.62 78.42.43.62
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016/07/21 16:20:36 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{7952190b-bf4f-11e2-a2d5-0018f3f6cd59}\Shell - "" = AutoRun
O33 - MountPoints2\{7952190b-bf4f-11e2-a2d5-0018f3f6cd59}\Shell\AutoRun\command - "" = I:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2016/07/21 00:42:32 | 000,000,000 | ---D | C] -- C:\FRST
[2016/07/18 02:41:57 | 000,000,000 | -HSD | C] -- C:\Boot
[2016/07/16 14:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arturia
[2016/07/16 14:03:21 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
[2016/07/16 11:55:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Arturia
[2014/02/28 20:23:32 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
========== Files - Modified Within 30 Days ==========
[2016/07/21 15:19:01 | 000,013,128 | ---- | M] () -- C:\bootsqm.dat
[2016/07/20 17:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/07/17 06:19:28 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/07/17 06:19:28 | 000,026,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/07/17 06:16:27 | 000,659,008 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2016/07/17 06:16:27 | 000,627,916 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/07/17 06:16:27 | 000,134,396 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2016/07/17 06:16:27 | 000,110,308 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/07/16 20:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/07/12 11:57:09 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/07/12 11:57:09 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2016/07/21 15:19:01 | 000,013,128 | ---- | C] () -- C:\bootsqm.dat
[2016/07/18 02:46:47 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2015/12/12 14:45:14 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015/11/30 17:39:33 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-PAPA-PC-Windows-7-Ultimate-(64-bit).dat
[2015/11/29 20:02:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/02/03 13:09:27 | 001,588,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/18 12:11:38 | 000,001,456 | ---- | C] () -- C:\Users\Papa\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2014/04/27 11:49:52 | 000,000,819 | ---- | C] () -- C:\Windows\wiso.ini
[2013/12/15 10:19:20 | 000,007,663 | ---- | C] () -- C:\Users\Papa\AppData\Local\Resmon.ResmonCfg
[2013/10/21 16:33:11 | 000,000,088 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/07/18 08:32:34 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013/07/18 08:32:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013/07/18 08:32:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013/07/18 08:32:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/07/02 16:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012/02/02 23:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll
[2011/06/15 07:37:00 | 001,108,992 | ---- | C] () -- C:\Windows\SysWow64\phidget21.dll
[2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2010/08/26 19:34:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\libvout_wrapper_plugin.dll
[2010/08/26 19:34:36 | 000,034,816 | ---- | C] () -- C:\Windows\SysWow64\libvmem_plugin.dll
[2010/08/26 19:34:34 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\libswscale_plugin.dll
[2010/08/26 19:34:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\libstream_out_transcode_plugin.dll
[2010/08/26 19:34:32 | 000,035,840 | ---- | C] () -- C:\Windows\SysWow64\libstream_out_smem_plugin.dll
[2010/08/26 19:34:30 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\libps_plugin.dll
[2010/08/26 19:34:30 | 000,040,448 | ---- | C] () -- C:\Windows\SysWow64\libpacketizer_mpegvideo_plugin.dll
[2010/08/26 19:34:30 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\libmpeg_audio_plugin.dll
[2010/08/26 19:34:30 | 000,033,280 | ---- | C] () -- C:\Windows\SysWow64\libmux_wav_plugin.dll
[2010/08/26 19:34:30 | 000,031,232 | ---- | C] () -- C:\Windows\SysWow64\libmpgv_plugin.dll
[2010/08/26 19:34:28 | 000,039,424 | ---- | C] () -- C:\Windows\SysWow64\libfilesystem_plugin.dll
[2010/08/26 19:34:28 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\libmjpeg_plugin.dll
[2010/08/26 19:34:28 | 000,033,280 | ---- | C] () -- C:\Windows\SysWow64\libmemcpymmx_plugin.dll
[2010/08/26 19:34:22 | 007,124,992 | ---- | C] () -- C:\Windows\SysWow64\libavcodec_plugin.dll
[2010/08/26 19:34:22 | 002,263,552 | ---- | C] () -- C:\Windows\SysWow64\libvlccore.dll
[2010/08/26 19:34:22 | 000,101,376 | ---- | C] () -- C:\Windows\SysWow64\libvlc.dll
[2010/08/26 19:34:22 | 000,088,064 | ---- | C] () -- C:\Windows\SysWow64\libaccess_http_plugin.dll
[2010/08/26 19:34:22 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\libau_plugin.dll
[2010/04/05 20:05:48 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\highgui210.dll
[2010/04/05 20:05:16 | 002,085,888 | ---- | C] () -- C:\Windows\SysWow64\cv210.dll
[2010/04/05 20:04:06 | 002,201,088 | ---- | C] () -- C:\Windows\SysWow64\cxcore210.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2004/12/23 06:06:16 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
========== LOP Check ==========
[2016/05/08 01:37:13 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\.minecraft
[2014/05/20 15:29:27 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\AVAST Software
[2014/12/15 13:54:13 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\LucasArts
[2015/06/11 12:21:12 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Origin
[2014/01/08 17:04:28 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\ProtectDISC
[2014/09/04 16:42:58 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\RavensburgerTipToi
[2013/11/06 09:21:09 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Rovio
[2013/11/23 14:20:11 | 000,000,000 | ---D | M] -- C:\Users\Karen\AppData\Roaming\Rovio Entertainment Ltd
[2016/02/21 16:04:19 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Applied Acoustics Systems
[2014/05/11 05:38:12 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\AVAST Software
[2015/02/27 18:04:11 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\DxO Labs
[2013/11/28 18:24:49 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\FlowStone
[2015/04/26 07:51:36 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\FRITZ!
[2015/03/14 19:19:51 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Haenlein-Software
[2016/05/16 05:41:59 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\HandBrake
[2014/09/17 18:42:33 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Image-Line
[2014/12/03 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\iZotope
[2013/08/27 09:38:57 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Korg
[2013/10/28 16:18:55 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Leadertech
[2015/02/09 12:27:14 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Morphine
[2016/04/30 12:43:27 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\No Company Name
[2015/11/18 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Origin
[2014/12/05 16:15:59 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\PACE Anti-Piracy
[2015/11/16 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Psicraft
[2014/11/13 16:46:46 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\RavensburgerTipToi
[2015/11/16 17:17:54 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Samsung
[2016/07/16 21:00:57 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\uTorrent
[2016/02/29 16:08:26 | 000,000,000 | ---D | M] -- C:\Users\Papa\AppData\Roaming\Waves Audio
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2016/07/16 12:22:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Arturia
[2016/05/19 06:01:10 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2014/04/27 11:49:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Buhl Data Service GmbH
[2013/08/25 09:26:18 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2014/11/17 20:40:41 | 000,000,000 | ---D | M] -- C:\ProgramData\DirectWave
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2015/02/27 18:02:44 | 000,000,000 | ---D | M] -- C:\ProgramData\DxO Labs
[2015/01/09 09:35:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2014/01/12 17:11:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Lernwerkstatt 9
[2016/01/11 08:14:37 | 000,000,000 | ---D | M] -- C:\ProgramData\mpDRM
[2014/11/18 18:15:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Native Instruments
[2015/12/04 13:07:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2016/07/13 12:27:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2015/11/18 20:03:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2014/11/13 16:38:43 | 000,000,000 | ---D | M] -- C:\ProgramData\RavensburgerTipToi
[2016/04/30 14:13:00 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2015/12/02 17:03:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2013/10/21 16:30:53 | 000,000,000 | ---D | M] -- C:\ProgramData\SlySoft
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2016/02/29 13:19:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Waves Audio
[2015/01/18 18:14:30 | 000,000,000 | -H-D | M] -- C:\ProgramData\{84F3A9E1-F22E-44D1-A4DA-6FDAED1C26FF}
[2014/01/08 17:15:55 | 000,000,000 | ---D | M] -- C:\ProgramData\{9D32C6BC-9649-4BBB-B075-B26C6CA62F12}
[2016/06/12 13:24:41 | 000,000,000 | -H-D | M] -- C:\ProgramData\{B895D3F6-931C-4B01-A8AC-DCDBBE28F2F9}
[2014/12/05 17:57:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\{DEB7EC0A-2CAA-4D3F-980F-EFEF8157E3FA}
[2015/08/12 09:02:58 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(701).TXT
[2016/07/10 05:33:35 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 1226 bytes -> C:\Users\Papa\AppData\Local\Temporary Internet Files:RSBNJWsTHLWdfsbv4mmi1Yick2W
@Alternate Data Stream - 1182 bytes -> C:\Users\Papa\AppData\Local\utGcgPyHEnn:cDhoHTLDNzNEasTlPTnKbZX
@Alternate Data Stream - 1157 bytes -> C:\Users\Papa\AppData\Local\Application Data:db9x54srufboZzutnIeYwZm374
@Alternate Data Stream - 1157 bytes -> C:\Users\Papa\AppData\Local:db9x54srufboZzutnIeYwZm374
@Alternate Data Stream - 1086 bytes -> C:\Users\Papa\AppData\Local\Application Data:hyw0Rwl9PVU2PJpsDszhkI6gqM7x8E
@Alternate Data Stream - 1086 bytes -> C:\Users\Papa\AppData\Local:hyw0Rwl9PVU2PJpsDszhkI6gqM7x8E
@Alternate Data Stream - 1 bytes -> C:\ProgramData\Application Data:58EC8EE7B78A9BC1
@Alternate Data Stream - 1 bytes -> C:\ProgramData\Application Data:482EE99B1E21CE8C
@Alternate Data Stream - 1 bytes -> C:\ProgramData:58EC8EE7B78A9BC1
@Alternate Data Stream - 1 bytes -> C:\ProgramData:482EE99B1E21CE8C
< End of report > OTL Logfile: Code:
OTL Extras logfile created on: 7/21/2016 11:56:58 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 33.91 Gb Free Space | 28.46% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1483.43 Gb Free Space | 79.63% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 297.59 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive F: | 500.00 Mb Total Space | 170.97 Mb Free Space | 34.19% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 72.07 Mb Free Space | 72.07% Space Free | Partition Type: NTFS
Drive H: | 111.30 Gb Total Space | 74.47 Gb Free Space | 66.91% Space Free | Partition Type: NTFS
Drive X: | 1.87 Gb Total Space | 1.38 Gb Free Space | 74.17% Space Free | Partition Type: NTFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}" = Adobe Photoshop Lightroom 5.7 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418066F0}" = Java 8 Update 66 (64-bit)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FC09265-8AAD-410D-B88D-EBAA41327056}" = Native Instruments Scarbee Funk Guitarist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{E0ECE7E9-6B40-4DCB-9040-551E26C698D4}" = DxO OpticsPro 10
"7-Zip" = 7-Zip 15.14 (x64)
"LatencyMon_is1" = LatencyMon 6.50
"NTLite_is1" = NTLite v1.0.0.3442
"Sylenth1_is1" = Sylenth1 v2.21
"VLC media player" = VLC media player 2.1.0
"Windows8FirewallControl_is1" = Windows8FirewallControl (x64) 6.1.9.53
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}" = Adobe Photoshop Lightroom 5.7 64-bit
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418066F0}" = Java 8 Update 66 (64-bit)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FC09265-8AAD-410D-B88D-EBAA41327056}" = Native Instruments Scarbee Funk Guitarist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{E0ECE7E9-6B40-4DCB-9040-551E26C698D4}" = DxO OpticsPro 10
"7-Zip" = 7-Zip 15.14 (x64)
"LatencyMon_is1" = LatencyMon 6.50
"NTLite_is1" = NTLite v1.0.0.3442
"Sylenth1_is1" = Sylenth1 v2.21
"VLC media player" = VLC media player 2.1.0
"Windows8FirewallControl_is1" = Windows8FirewallControl (x64) 6.1.9.53
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\Karen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"Dropbox" = Dropbox
"Mozilla Firefox 45.0.2 (x86 de)" = Mozilla Firefox 45.0.2 (x86 de)
"uTorrent" = µTorrent
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\Papa_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
< End of report > |